I was working on ast_mono tonight, and had to make some decisions on how the ManagedAsterisk API would handle formatted (printf style) functions.

First, there's technical issues. printf functions use varargs. I'm not exactly sure on how to forward and prototype these methods. I know IL supports varargs, but I don't think that C# does. So, I'd end up doing a “params object[] args” parameter. The issue is that my unmanaged runtime is then massed a set of pointers, and would have to figure out what each item is to be able to format it correctly. Still, it's possible.

Then the real issue comes into play. .NET APIs don't use printf style functions. To many .NET programmers this style would seem foreign, and clash with other APIs. Since one of the goals of ast_mono is to present an API that's consistent and feels like any other .NET library, this is unacceptable. So, instead, I'm doing to use string.Format to handle the formatting for these functions (such as ast_log). Yes, the functionality is somewhat different, but overall it should provide a much better development experience to ast_mono users.

When I got ASP.NET 2 Alpha, the first thing I did was drop it on my webserver and see if all my real sites worked. Some did. Some didn't. dasBlog refused to run. Lots of strange little problems. So, regretfully, I rolled back to 1.1.

Well, I just moved to a new server. I forgot to roll all the sites back to 1.1. Interestingly enough, I didn't notice. Everything worked just great. (I've since rolled them back anyways.) Way to go ASP.NET team! This makes me feel much better, as earlier (Alpha) it seemed as if caring about their existing customers wasn't a priority.

BroadVoice released a patch for Asterisk that fixes some issues with SIP registration. They hired people and made a commercial patch. Way to go.

Then, they decided to *email* it to customers. Yes. In 2004. A company emailing patches to customers. Apparently they didn't think this was dumb. No link to their web site, no secure download from their website, nothing. In fact, the email was signed “The BroadVoice Team”, which is the signature I remember seeing on a few virus emails.

So, I responded to the Asterisk-users mailing list about this patch, saying how it was utterly ridiculous to do this, as it teaches customers to not be secure and go blindly installing stuff. Here are some of the comments I got back (and they aren't sarcastic either!):

“the patch is pure c code. it took me 5 mins to read & understand it. is very simple (but useful).
Simply that patch (apart from adding some logs, comments and little code formatting) simply caches auth data AND let * manage 403 responses from the server, and this last one perhaps is the issue that was overloading BV .
so, just read it (or let someone do for it) and understand that's not a problem :)“

“I don't see a security issue with his method. If you (a) read the entire patch and (b) comprehend fully everything that it does, then there's nothing to worry about. Fear comes from the unknown, and if you know everything in the patch, there's nothing to fear. “

“To claim that someone opens a security hole by accepting a verified patch via email, is the same as claiming that you never have a security hole just because you download from "trusted" sites. Webservers can be hacked, you know. And not every buffer-overflow will lead to a security issue -- many just crash the system. “

So, I think this goes some way towards showing that all is not well as far as security mentality in open-source land. I pointed out to them that “even Microsoft does it right” :). Didn't seem to make me popular.

Thinking that you can just read the code and be set is equivalent to saying there should never be any security holes in any code because people will just read and know. Add to the fact that what you're combating is a possible *malicious* security hole, not just an accident, and I think most devs would pass things right over.

My brother is running a charity this year to buy Christmas gifts for orphans in Guatemala this year. For under $10, you can get a gift delivered to an orphan this year. If you'd like to, go check it out: www.ProjectHappiness.org.

I was looking for some lyrics today and ended up here: http://music.imbc.com/iMBCMusic/iMRefAllOfMusic.asp?ArtistID=3603

Seeing the MP3 button, I hit download. The next intermediate page had the title: “More Click Better Life”. Well, yea, I suppose they're right :)

Earlier this week, I paid the local security providers (guards who supposedly guard the neighbourhood). The next day the guy came with my receipt, so I told him to leave it in the mailbox. He said, “I can't do that. I need you to sign for it.” Not sure why they do this, but whatever. Best not to argue with the guys who walk around with shotguns, know where you live, and so on, right?

So I'm handed a sheet of paper with a bunch of names and numbers on it, and told to find my name. OK, there we go, #1088. He looks in his folder and finds receipt number #1088, and then has me sign it. Then, he gives me the receipt I just signed. So I ask him “Why do you have me sign this paper, if I'm going to keep it?” “Umm, well, we have you check your name off on this list, so that we know you signed the receipt.” Alright, I'll check my name off... crazy but whatever. Oh, what's this, my name's already checked off, as are most of the names on the list. “Ahh, well. You are normally supposed to check off your name.”

And this guy gets paid to walk around and do this? It just really makes me wonder what kind of thoughts go through some peoples' brains. I wish I could have a short glimpse into some of these minds and see how it works. I mean, do they feel a fog over their mind? Or is it like they just don't care? Or does it feel like I do when I think about anti-matter warp drives: I have some clue as to how it's supposed to work but really don't know much details and probably wouldn't understand them if I did? 

Do you use .NET? If so, the BCL design guidelines are in dire need of your support! According to Krzysztof Cwalina, the BCL is now going to start using long names for parameterized types. Forget Dictionary<K, V> and clean, concise, code. Nope. Apparently some people couldn't figure out what the heck a List<T> was, and really needed List<TypeOfTheItemInTheDamnList>.

And the BCL team, in an effort to save some work in tools I imagine, decided not to add documentation/descriptions thru metadata (i.e., add an attribute to say <T> in List means *the type of the item in the list*).

Here's the details:
http://blogs.msdn.com/kcwalina/archive/2004/11/03/251722.aspx

So, do you want to write/maintain/use/and in general just look at horribly verbose code? If not, get you say in here: http://lab.msdn.microsoft.com/ProductFeedback/viewFeedback.aspx?feedbackid=3cee09d8-3b82-4c5f-83a4-be52ba9b9e98

Vote against this ugly excersice in verbosity today!

As I mentioned a few posts ago, I have a makefile project in MSVC++ 8 (2005) setup. Part of my solution builds with GCC on Linux, part on Windows with CSC. By using plink (command-line version of Putty), I'm able to ssh over to my Linux machine and build. The errors show up in the error list in VS2005. Except for one slight problem: Visual Studio does not read the error line information correctly, resulting in an error if I try to click and goto that line.

GCC outputs errors so: my.c:123: error: you suck. VS expects them as my.c(1) : error you suck. So, I decided to write a filter for the output. But, since it was around 2 AM, I decided to check and see if GCC supports out in the style that VS expects. As far as I can tell, it doesn't. But, I found a link to a page that has a program that accomplishes just this (GNU2MSDEV): http://www.xs4all.nl/~borkhuis/vxworks/vxw_pt1.html#1.13

Yey, I'm done, right? Well, not quite. GNU2MSDEV reads from stdin. GCC puts the errors on stderr. So, the parser only gets part of the output, missing the critical parts. Ouch. Now, since it's past my bedtime, I spent a while trying to figure out what was going on, thinking perhaps the program was broken. Got the source, uncommented some debugging stuff, and finally, I realised that I'd need to get stderr send over stdin, as the easiest course of action.

I'm not sure how you redirect stderr in the NT command shell. One page I read said this was impossible from the command line, and you need to use a different shell (they suggested running Linux), or write a program to do it for you. I decided to just add this to my linux commands. Now, my VS build command line looks like this:

plink 192.168.0.123 -ssh -l myUser -pw myPassword "cd /usr/src/something;make clean; make install 2>&1;" | gnu2msdev

Presto. Now it works just perfectly, and I can double click the error list and go right to the file/line where the error is. Of course, now it's 3AM for some reason, and instead of writing some code to record phone calls, I'm instead going to go to sleep.

Windows decided not to load 2 of my hard disks (yes, I'm buying a RAID 1 setup tomorrow -- yikes!), so I wasn't able to access my music collection. I can't work at all without some sound. So I found a shared folder from KCeasy and lo and behold, it had a few interesting things in it, so I queue'd them up.

Well, one track was by Ayumi Hamasaki, and I quite liked it. So I thought, hey, I'll go buy the CD. $28, not that bad. Oh wait, what's this?

Shopping Note:
· This CD is copyright-protected. The tracks on the CD can be played on PC running Windows operation system, but cannot be copied onto any PC nor can they be played on Macintosh operation system.

Can be played on a PC, but can't be copied? Huh? That means they do Some Very Evil Stuff. If a CD can't be copied, then something seriously wrong is going on. Now, the only thing I've heard of is it that lame technology that puts a driver on your system to screw things up and then gives you access to WMA only. I think it comes from a company that has the word “Sun” in their name. The one that you can bypass by disabling Autoload.

Well, I don't play CDs, period. My playlists are huge, I'm using my DVD drive for other things, and I hate the idea of passing physical media around for no reason. I also despise any company that tries to covertly install drivers to destroy my computer.

So, what's the outcome here? Well, I'm not gonna buy the CD. The artist loses $3? Oh no. I'll still get the music (gonna queue it up right now), and if I like it, I'll be a fan and if I happen to be around where a concert is, perhaps I'll go. But as far as paying for locked down media? Screw 'em. In fact, if I'm going to PAY for the media, I'd like them to ship a professionaly encoded set of WMA tracks at 256Kbps along with the CD audio. Actually, heck, just send me the WMA files. I don't need CD-audio. Send me higher quality WMA files (higher sampling, higher bit depth, WMA Pro codec, lossless compression). Oh yea, and get rid of the lame attempt to use DRM. Then I'll buy.

OK, I hardly do any politics here, so here's my one shot, considering the US elections failed. What a bad omen for the new few years eh? Anyways, instead of just complaining, I think we (people of the Earth) should step in and help. A bunch of other countries should get together and hold and intervention for the USA. Just like a friend on cocaine (or something bad) -- you perhaps watch and warn the first time it's a problem, and after that you just get involved.

Other nations should just step in and say, “We're sorry. We love [some] of you. We can't let you continue to do this to yourselves.” And then we would put someone else more competent in charge. Maybe Tommy Chong. “It's only for your own good” is what we'd tell the states. Faced with a world-wide show of love and support they'd definately see their folly and agree, right? Maybe not, judging from the voting maps. If you look at the voting maps, Bush is very much skewed towards people with pitchforks and gun racks in their pickups, while non-Bush is skewed towards people with an IQ above 110. Then again, we'll probably see a few more soverign countries blown up anyways, so there's probably not much to lose.

OK, I'm done.

I wrote this quite some time ago, with the Whidbey Beta, I believe. I was gonna make it nice, but never got around to it, but somehow it came up today and I remembered it. So, I decided to post the code and the link.

Basically, it's an HTML Chat client using a ASP.NET in-process server. It's very, very lightweight -- it wouldn't work for tons of users (it uses a ReaderWriter lock!). I use web services to poll for new messages (or translate received messages, although that seems broken right now).

Now, since it relies on the soap client, it doesn't work on all browers. A easy way around this is to replace the web services with IFRAMEs. Also, if you wanted to scale this solution up (say, you're building a chat client for MSDN :)), I believe you should leave the HTTP connection that receives messages open for say, 60 seconds (or more). This reduces the hit of polling drastically, and works quite well (I tested it in a few browsers). The server only has to authenticate the client ONCE, and then it can just pump new content down the pipe as it seems fit. At any rate, it's a simple chat system that could give someone a head start if they lack a head.

Anyways, get the code (ASP.NET 2 required): SimpleChat.zip (25.33 KB) It's running here: http://www.atrevido.net/SimpleChat/

If there's enough interest, and if a 19th level wizard visits me and gives me a Wand of Time Stop, perhaps I'll write a production level version of this (that DOESN'T use SOAP).

OK, I've had it. Ever since XML came out, certain people have been misusing it all over the place for no reason at all. *XML IS JUST A FORMAT.* It's not magic. It's not cool. Use if it makes sense. However, it is actually a REAL format; adding < and > to a document doesn't make it XML. LinkPoint needs to learn this.

LinkPoint (owned by First Data) is a rather large company to process credit cards. You would think they'd have people who actually have some clue as to what they are doing when it comes to their programmatic interface eh? Check this code sample out:

As I was designing exactly how I was going to generate all the C# prototypes and basic C implementations for my ast_mono internalcalls, I realised it'd be a bit more work than I feel like doing, especially where there's already work done. I'm not looking for a completely automated way to create code files that can be updated on-the-fly. I think there will be a lot of customization going into each generated file, and I'm comfortable with that.

So what I really want is a simple way to have some of my C# code emit some definitions and code into two files (the C# prototype file and the C internalcall file). I don't really care to actually process C header files all -- all I want is access to the type definitions, even in a limited form. In taking a deeper look at SWiG, I found that, lo-and-behold, it also emits its parse trees as XML if I so desire. Sweet. Now I'll have a nicely packaged way to get at the type info of all the header files for Asterisk.

Visual Studio 2005 is just beautiful. I'm currently writing ast_mono, which has 2 C projects (that build on Linux), and 1 C# project (that builds with Whidbey). Everything gets deployed on Linux. However, I have my entire dev process available right from VS. The C projects are Makefile projects, and allow a command-line to be specified. Enter Plink, and I'm set. Plink is an Win32 command line SSH client. I just pass in the commands (cd /usr/src/ast_mono/runtime; make clean; make install;) and away it goes. In fact, VS detects when there's an error and shows the errors (from GCC) in the VS task pane.

Only two things I want: file/line info from GCC into VS. GCC outputs errors differently than VS is expecting and thus I can't go right to the file/line of the error. And debugging. I've got no idea how to do cross-platform debugging, let alone with VS integration. I highly doubt this is even possible.

Meanwhile, I'm enjoying my single-step build/deploy process very much.

Asterisk depends on quite a few structures, obviously :). One of my goals for ast_mono is to make the API seem as .NET-friendly and standard as possible. This includes creating a real object oriented API, rather than the C way (where you pass the structure in as the first parameter). At runtime it'll be nearly the same thing, but it really changes the whole of the API.

Before I can do any real function calls or library work, I need to have the base classes defined: channels, files, etc. My first approach was the “nicest”. My idea was to prototype the structures in C#, allowing direct access from the .NET runtime to the structure, using C# unsafe code (i.e., ast_channel *myPtr; myPtr->language). I'd rolle the unsafe code inside the class, so to an end-user, it'd appear as a normal property.

However, I don't trust that all the structures in Asterisk will stay the same all the time. If a field was added or moved around, I'd have to declare a whole different prototype. To make things worse, I think it's entirely possible that there could be some #defines that people change per-platform, and that there could be multiple valid prototypes that I'd need to support (as part of the C# build process). My goal is to ship a runtime that can be built on the target machine, but the C# API should be able to be distributed in binary form without any issues. One main goal of this is that building ast_mono won't require a C# compiler. The IL binaries should be fully portable by themselves.

So, despite the advantages and elegancy of being able to access the structures with pure managed code, it's not going to happen. I checked out SWiG, and it's quite powerful. SWiG allows you to take C/C++ headers and turn them into definitions for C#, Java, Perl, and a slew of others. I might possibly be able to use this tool as a basis for my app.

For C#, SWiG creates a class that takes a pointer to the unmanaged structure. Then it generates properties in C# that call P/Invoke methods on a C class it generates. So to access the language field of ast_channel, the get property accessor P/Invokes to ast_channel_get_language. This is OK. However, I believe it can be done better using internalcalls.

Mono allows a runtime host to register internalcalls. Internalcalls run as part of the runtime, and have access to the native .NET types. This removes the need for marshalling to those calls: a big plus. Obviously there will still be some marshalling needed for some types (i.e. taking a null-terminated ANSI string and creating a .NET string), but it'll be easier to work with. For the performance and flexibility of doing things this way, I think it's worth the bit of extra work to write a small program to generate some of the wrapper code for me instead of using SWiG. (I also am not very fond of the code generated by SWiG.) Also, I should be able to grab the comments from the headers and generate some basic XML docs.

Methods are quite a bit simpler, with the same basic principles applying. I'll extend my code to emit some basic definitions (C# prototypes + basic C Mono implementations) and that should get me going.

On a side note, although right now I'm sticking to the ISO spec of C#, Mono 1.2 has support for many of Whidbey's features. This means I get to use generics soon. Also, I am going to be compiling with the Whidbey C# compiler, so compile-time only features, such as partial classes, are available too. Yum :).